Menu
▾
▴
[Nagios-checkins] SF.net SVN: nagios:[2550] nagioscore/branches/nagios-3-4-x
|
From: <est...@us...> - 2012-12-28 11:54:43
|
Revision: 2550
http://nagios.svn.sourceforge.net/nagios/?rev=2550&view=rev
Author: estanley375
Date: 2012-12-28 11:54:32 +0000 (Fri, 28 Dec 2012)
Log Message:
-----------
Fixed bug #401: segmentation fault on Solaris when parsing unknown timeperiod directives.
Previously the end of the function xodtemplate_parse_timeperiod_directive
was referencing a pointer after it had been freed (and NULLed). This
has been corrected.
Modified Paths:
--------------
nagioscore/branches/nagios-3-4-x/Changelog
nagioscore/branches/nagios-3-4-x/xdata/xodtemplate.c
Modified: nagioscore/branches/nagios-3-4-x/Changelog
===================================================================
--- nagioscore/branches/nagios-3-4-x/Changelog 2012-12-21 17:27:04 UTC (rev 2549)
+++ nagioscore/branches/nagios-3-4-x/Changelog 2012-12-28 11:54:32 UTC (rev 2550)
@@ -4,6 +4,7 @@
3.4.4 - xx/xx/xxxx
------------------
+* Fixed bug #401: segmentation fault on Solaris when parsing unknown timeperiod directives. (Eric Stanley)
* Added NULL pointer checks to CGI code. (Eric Stanley)
* Fixed buffer overflow vulnerability in CGI code. Thanks to Neohapsis (http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0108.html) for finding this. (Eric Stanley)
Modified: nagioscore/branches/nagios-3-4-x/xdata/xodtemplate.c
===================================================================
--- nagioscore/branches/nagios-3-4-x/xdata/xodtemplate.c 2012-12-21 17:27:04 UTC (rev 2549)
+++ nagioscore/branches/nagios-3-4-x/xdata/xodtemplate.c 2012-12-28 11:54:32 UTC (rev 2550)
@@ -4009,17 +4009,16 @@
else
result = ERROR;
- /* free memory */
- my_free(input);
-
- if(result == ERROR) {
#ifdef NSCORE
+ if(result == ERROR) {
printf("Error: Could not parse timeperiod directive '%s'!\n", input);
-#endif
- return ERROR;
}
+#endif
- return OK;
+ /* free memory */
+ my_free(input);
+
+ return result;
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|